[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: error checking on interface-name
From:       Darren Reed <darrenr () reed ! wattle ! id ! au>
Date:       2006-05-29 15:21:52
Message-ID: 200605291521.k4TFLqjV000798 () firewall ! reed ! wattle ! id ! au
[Download RAW message or body]

> Hello,
> 
> Just FYI: If you make a typo on interface-name, the ipf utility in
> NetBSD 3.0 silently fails to add the rule.
> 
> For example, I had a "pass" rule in /etc/ipf.conf with rkt1 as the
> interface-name when I meant to type rtk1.  When running
> "ipf -f /etc/ipf.conf", there are no error messages and the exit
> status is the normal 0.


This is quite deliberate.

Interfaces can come and go during the life of a system while it
is up and running and not all interfaces that will be present are
present when the system loads its ipfilter config.  To support this,
it is necessary to not treat the inability to resolve an interface name
s an error.

Darren
[prev in list] [next in list] [prev in thread] [next in thread]